Qualys, a leading provider of disruptive cloud-based IT, security, and compliance solutions, announced the availability of its Ransomware Risk Assessment Service to provide companies with visibility into their ransomware exposure and automate the patching and configuration changes needed to reduce risk immediately.

Unpatched vulnerabilities, device misconfigurations, internet-facing assets, and unauthorized software rank consistently among the top attack vectors of Ransomware. Authorities like CISA and NIST recommend that organizations strengthen their defence by proactively assessing ransomware risk including quickly patching associated vulnerabilities.

While there is no silver bullet to prevent ransomware, companies can take charge with proactive measures including solid cybersecurity hygiene, patching for known ransomware vulnerabilities, changing configurations, and adjusting security policies. Qualys Ransomware Risk Assessment puts cybersecurity teams in control by operationalizing government guidelines and providing a company-specific ransomware heatmap so they can eliminate an area of risk and shrink their attack surface.

Qualys vulnerability and threat researchers analysed ransomware attacks over the last five years to identify approximately 100 CVEs commonly used by ransomware threat actors. Researchers mapped CVEs to ransomware families like Locky, Ryuk, Conti and WannaCry along with specific misconfigurations that are typically leveraged by the threat actors.

Qualys developed the Ransomware Risk Assessment Service, powered by the VMDR platform, to help organizations proactively identify, prioritize, track, and remediate assets that are vulnerable to ransomware attacks. Once identified, vulnerabilities are mapped to available patches that can be directly deployed from the service without requiring additional tools and VPNs reducing the company’s ransomware exposure.

Qualys Ransomware Risk Assessment Service leverages a single, dynamic dashboard to provide a clear comprehensive view of your ransomware risk exposure including:

  1. Identification of Internet Facing Assets
  2. Clear Insights into Ransomware Exposure
  3. Integrated Patch Deployment

Qualys extensively researched past ransomware attacks as well as CISA, MS-ISAC and NIST guidance and operationalized it into a prescriptive, actionable plan so companies can proactively remediate to stay ahead of ransomware attacks and reduce their overall risk.